Data Breach Affects 890 U.S. Schools

Recently, U.S. educational nonprofit National Student Clearinghouse reported a data breach that has impacted 890 schools across the United States. The breach notification letter filed with the Office of the California Attorney General disclosed that the attackers accessed the MOVEit managed file transfer (MFT) server on May 30 and stole files containing various personal information.

“On May 31, 2023, the Clearinghouse was informed by our third-party software provider, Progress Software, of a cybersecurity issue involving the provider’s MOVEit Transfer solution,” stated Clearinghouse.

Upon discovering the issue, Clearinghouse promptly launched an investigation with the assistance of leading cybersecurity experts and collaborated with law enforcement agencies.

The stolen documents contain personally identifiable information (PII) such as names, dates of birth, contact details, Social Security numbers, student ID numbers, and certain school-related records like enrollment records, degree records, and course-level data.

The extent of data exposed in the attack varies for each affected person. For a comprehensive list of educational organizations impacted by this significant data breach, please click here.

Clearinghouse is a provider of educational reporting, data exchange, verification, and research services to approximately 22,000 high schools and 3,600 colleges and universities. Their participants account for around 97% of students enrolled in public and private institutions.

Clop Ransomware Group Responsible for MOVEit Hacks

The MOVEit Transfer secure file transfer platform has been targeted by the Clop ransomware gang, resulting in extensive data theft attacks since May 27. The cyber criminals exploited a zero-day security flaw to carry out these attacks.

Starting from June 15, the attackers began extorting organizations that fell victim to the hacks, publicly exposing their names on the dark web data leak site operated by the group.

The fallout from these attacks is expected to impact numerous organizations worldwide, with many already notifying affected customers over the past four months.

Despite the large number of potential victims, Coveware estimates that only a limited number are likely to comply with Clop’s ransom demands. Nevertheless, it is anticipated that the cybercrime gang will collect an estimated $75-100 million in ransom payments due to their high demands.

Reports have also surfaced regarding the data theft and extortion attacks targeting multiple U.S. federal agencies and two entities within the U.S. Department of Energy (DOE).

H/T Brett Callow